US rozzers are being warned to avoid looking at iPhones with Face ID in case they get locked out of the device, much like Craig Federighi at the iPhone X launch event. Apple’s mug-scanning Face ID tech, found on the iPhone X and iPhone XS, attempts to authenticate a face up to five times before the feature is disabled and the user’s potentially harder-to-obtain passcode is required to unlock the smartphone. Because of this, forensics outfit Elcomsoft is warning US law enforcement not to gawp at iPhones involved in investigations as failed attempts would render Apple’s Face ID useless, meaning a suspect can no longer be forced to unlock their own phone.

Britain is putting pressure on the EU to name the targets of new chemical weapons sanctions due to be agreed as part of the bloc’s escalating response to alleged malicious Russian activity in Europe. Jeremy Hunt, Britain’s foreign secretary, will also call for talks on cyber-related EU countermeasures to be stepped up when the bloc’s foreign ministers gather in Luxembourg on Monday.

Researchers at IU have discovered a simple way to foil criminals intent on breaking into university data. To investigate the impact of policy on password reuse, the study analyzed password policies from 22 different U.S. universities, including their home institution, IU. Next, they extracted sets of emails and passwords from two large data sets that were published online and contained over 1.3 billion email addresses and password combinations. Based on email addresses belonging to a university’s domain, passwords were compiled and compared against a university’s official password policy. The findings were clear: Stringent password rules significantly lower a university’s risk of personal data breaches.

Scammers are creating fake Android cryptocurrency mining apps and promoting them on the Google Store. The kicker is that these apps claim to mine cryptocurrency that can’t be mined in the first place. Fortinet discovered these apps on the Google Play Store when they saw that the apps were being promoted as miners for Ripple (XRP), Cardano (ADA), and Tether. As these are cryptocurrencies that are not possible to mine, the apps only pretend to mine and instead display advertisements.

Just like clockwork, another weekend is over and Monday is here again. To lighten the load, El Reg is offering you the latest instalment of Who, Me?, our weekly sysadmin confessional column. This time we meet “Romeo”, who was working at a large music company in London at the time in question. It was his first job for a big multinational and the firm had just been hit by the I Love You virus that crippled systems all over Europe back in 2000.